Pop the champagne corks! Trend Micro announced the public beta of Trend Micro SecureCloud – an exceptionally cool new offering that you can take for a test drive today. We can finally talk openly about a technology and business approach that addresses cloud security and data governance issues that have been confronting the industry (see blogs from Richard Stiennon, Trend Micro’s Steve Quanehere, and Andy Dancerhere).

A big hurdle to cloud computing adoption has been securing and controlling data in the public cloud. SecureCloud is a huge step forward enabling enterprises to govern and control cloud data using encryption and sophisticated encryption key management. The encryption used in SecureCloud is standard AES 128 bit encryption, but the secret sauce of the technology lies in key management functionality that validates the identity and integrity of the cloud server.

SecureCloud is home-grown innovation developed by Trend Micro (no acquisitions on this one). Enterprises can now mitigate risks by keeping security separate from their cloud service provider, and can move between cloud service providers while having the security surround and protect their data. Click here to learn more about SecureCloud and sign-up for the beta program! SecureCloud beta supports Amazon EC2, Eucalyptus v1.6 and v2.0, and VMware vCloud out of the gate.

http://www.security-technologynews.com/video/ Security Videos

Great news, we’ve been waiting for SecureCloud for a while now, nice to hear that it is up and running and available for a ‘test-drive’, looking forward to checking this out.

This article promises a lot of features which are strongly needed by the cloud community. Hence, I was curious about your new product and tried to get some detailed technical information. Till now I was not very successful and therefore wanted to ask if there is any detailed information available?

You say that “The encryption used in SecureCloud is standard AES 128 bit encryption, but the secret sauce of the technology lies in key management functionality that validates the identity and integrity of the cloud server.”. So this means that you want to encrypt data before it is pushed into the public cloud? And then? What happens next?

I would be very glad to get some more detailed information about your new product.

To answer your questions, SecureCloud uses a kernel-level driver to encrypt/decrypt data being written to storage. This is block-level encryption/decryption. Think of it as whole disk encryption for your mounted storage volumes in the private or public cloud. SecureCloud encrypts your unprotected data in the cloud VM before it enters the hypervisor and moves to your storage volumes. Using Amazon EC2 as an example, SecureCloud encrypts the data as it passes through your Amazon EC2 AMI on its way to your EBS volumes. Data taken out of that volume through that same AMI (with encryption agent and key installed) is decrypted and once again in its original format. Note that much of the “secret sauce” involves authenticating the identity and integrity of the data. The actual encryption algorithm is standard AES-128 bit encryption.

We are encrypting within IaaS (or private cloud), but you would need a secure pipe (SSL) when uploading data to your IaaS public cloud service provider. Once the data is within the IaaS (public cloud service provider), it could be encrypted using SecureCloud.
====